(WEB HOST INDUSTRY REVIEW) — One of the researchers who found a critical vulnerability in the Secure Socket Layer certificate earlier this year has started a new service that lets organizations evaluate the security of Wi-Fi Protected Access networks with Pre-Shared Keys.
Independent researcher Moxie Marlinspike has started WPA Cracker (www.wpacracker.com), a cloud cracking service that lets penetration testers and network auditors check the strength of their WPA-PSK encryption passwords using a 400-processor cloud node that runs a 135-million-word dictionary attack. It works against both WPA and WPA2 when PSK is being used.
WPA Cracker offers two different cracking modes — a half-powered offering and a full-powered one. For $17, an organization can run its job against half of WPA Cracker’s CPU cluster, taking as long as 40 minutes. For $34, they get the entire cluster, which cuts the testing time down to 20 minutes at most. On a contemporary desktop machine, this process would take about five days.
Rather than using the OpenWall (www.openwall.com) directory of word lists, WPA Cracker uses dictionaries tailored more specifically for WPA networks as opposed to Unix logins, which the OpenWall project is best at. The WPA Cracker dictionary was meticulously compiled with WPA cracking in mind, and includes word combinations, phrases, numbers, symbols, and elite speak.
No related posts.
